mirror of
https://github.com/jlu5/PyLink.git
synced 2024-11-27 21:19:31 +01:00
Add SSL linking support (#80)
TODO: implement fingerprint checking (optional) and a genssl script to ease SSL certificate generation.
This commit is contained in:
parent
cdb0bb6707
commit
18cd3bdd88
@ -53,6 +53,12 @@ servers:
|
|||||||
# PyLink might introduce a nick that is too long and cause netsplits!
|
# PyLink might introduce a nick that is too long and cause netsplits!
|
||||||
maxnicklen: 30
|
maxnicklen: 30
|
||||||
|
|
||||||
|
# Toggles SSL for this network. Defaults to false if not specified, and requires the
|
||||||
|
# ssl_certfile and ssl_keyfile options to work.
|
||||||
|
# ssl: true
|
||||||
|
# ssl_certfile: pylink-cert.pem
|
||||||
|
# ssl_keyfile: pylink-key.pem
|
||||||
|
|
||||||
ts6net:
|
ts6net:
|
||||||
ip: 127.0.0.1
|
ip: 127.0.0.1
|
||||||
port: 7000
|
port: 7000
|
||||||
|
19
main.py
19
main.py
@ -7,6 +7,7 @@ import time
|
|||||||
import sys
|
import sys
|
||||||
from collections import defaultdict
|
from collections import defaultdict
|
||||||
import threading
|
import threading
|
||||||
|
import ssl
|
||||||
|
|
||||||
from log import log
|
from log import log
|
||||||
import conf
|
import conf
|
||||||
@ -73,13 +74,25 @@ class Irc():
|
|||||||
ip = self.serverdata["ip"]
|
ip = self.serverdata["ip"]
|
||||||
port = self.serverdata["port"]
|
port = self.serverdata["port"]
|
||||||
while True:
|
while True:
|
||||||
log.info("Connecting to network %r on %s:%s", self.name, ip, port)
|
|
||||||
self.initVars()
|
self.initVars()
|
||||||
try:
|
try:
|
||||||
|
self.socket = socket.socket()
|
||||||
|
self.socket.setblocking(0)
|
||||||
# Initial connection timeout is a lot smaller than the timeout after
|
# Initial connection timeout is a lot smaller than the timeout after
|
||||||
# we've connected; this is intentional.
|
# we've connected; this is intentional.
|
||||||
self.socket = socket.create_connection((ip, port), timeout=self.pingfreq)
|
self.socket.settimeout(self.pingfreq)
|
||||||
self.socket.setblocking(0)
|
|
||||||
|
if self.serverdata.get('ssl'):
|
||||||
|
log.info('(%s) Attempting SSL for this connection...', self.name)
|
||||||
|
certfile = self.serverdata.get('ssl_certfile')
|
||||||
|
keyfile = self.serverdata.get('ssl_keyfile')
|
||||||
|
if certfile and keyfile:
|
||||||
|
self.socket = ssl.wrap_socket(self.socket, certfile=certfile, keyfile=keyfile)
|
||||||
|
else:
|
||||||
|
log.warning('(%s) SSL certfile/keyfile was not set correctly. '
|
||||||
|
'SSL will be disabled for this connection.', self.name)
|
||||||
|
log.info("Connecting to network %r on %s:%s", self.name, ip, port)
|
||||||
|
self.socket.connect((ip, port))
|
||||||
self.socket.settimeout(self.pingtimeout)
|
self.socket.settimeout(self.pingtimeout)
|
||||||
self.proto.connect(self)
|
self.proto.connect(self)
|
||||||
self.spawnMain()
|
self.spawnMain()
|
||||||
|
Loading…
Reference in New Issue
Block a user